CHAPTER 12
Configuring VPNs
Copyright © 2010, Juniper Networks, Inc.
VPNs route private data through the public Internet. Like normal Internet traffic, data in a
VPN is routed from source to destination using public Internet networking equipment.
Unlike normal traffic, however, the source and destination use a Security Association
(SA) pair to create a secure, private tunnel through which the data traverses the Internet.
A tunnel has a defined start point and end point (usually an IP address), and is a private
connection through which the data can move freely. By encrypting and authenticating
the data while in the tunnel, you can ensure the security and integrity of the data.
VPNs can also connect widely distributed networks to make separate networks appear
as a single wide area network (WAN). VPNs replace costly Point-to-Point Protocol (PPP)
and Frame Relay connections that require dedicated lines (and sometimes even satellites)
between your private networks.
This chapter discusses the concepts involved in creating secure tunnels between devices,
details the differences between VPN types, helps you determine the best VPN for your
network, and guides you through creating and configuring your chosen VPN.
NOTE: For step-by-step instructions on creating VPNs, see the NSM Online
Help topic "VPNs".
About VPNs
Planning for Your VPN
Preparing VPN Components
Creating VPNs with VPN Manager
VPN Manager Examples
Creating Device-Level VPNs
Device-Level VPN Examples
Auto-Connect Virtual Private Network
IVE VPN Monitoring